Oh my, one place where SMBs actually have an advantage- I have always done continuous (OK, every 10-60 minutes depending on the network) monitoring for devices on the network- as soon as one drops off or comes on, I would see it, and find out what/why/where.
And, dev/test systems were only allowed on the segregated "lab" networks. Turn "web developers" loose on my network? NFW, most of them shouldn't be allowed on the Interwebs without adult supervision. Another source of "orphans" are those special purpose devices, kiosks and graphic display units- I chose to update those manually when needed and took as many as possible off the network. Jack -- ______________________________________ Jack Daniel, Reluctant CISSP http://twitter.com/jack_daniel http://www.linkedin.com/in/jackadaniel http://blog.uncommonsensesecurity.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
